[Openid-specs-digital-credentials-protocols] Contest: Name the nameless OpenID4VP message type!

Michael Jones michael_b_jones at hotmail.com
Fri Aug 30 22:34:52 UTC 2024 

While working on https://github.com/openid/OpenID4VP/issues/227, I encountered a kind of message defined by OpenID4VP for which there isn't a name.  Other message types, such as Authorization Request, Token Response, Presentation Request, etc. have names in the spec, which is useful to the reader.

https://openid.net/specs/openid-4-verifiable-presentations-1_0-21.html#name-response-mode-direct_post contains this text describing an instance of a parameter for this unnamed message type:

The following new parameter is defined for use in the response from the endpoint:
redirect_uri:
OPTIONAL. String containing a URI. When this parameter is present the Wallet MUST redirect the User Agent to this URI. This allows the Verifier to continue the interaction with the End-User on the device where the Wallet resides after the Wallet has sent the Authorization Response to the Response Endpoint. It can be used by the Verifier to prevent session fixation (Section 12.2<https://openid.net/specs/openid-4-verifiable-presentations-1_0-21.html#session_fixation>) attacks. The Response Endpoint MAY return the redirect_uri parameter in response to successful Authorization Responses or for Error Responses.

First, to possibly help us think about what this kind of parameter should be called, would it be a correct clarification to change:
The following new parameter is defined for use in the response from the endpoint:
to:
The following new parameter is defined for use in the response from the Response Endpoint to the Wallet:
?

If I'm right about the above, then currently we'd be calling the response something like "the response from the Response Endpoint to the Wallet" and the parameters for it "parameters used in the response from the Response Endpoint to the Wallet".  But hopefully we can name these things to make the exposition cleaner.

Any suggested names?  Will you be the lucky winner?!!! ;-)

                                                                Thanks,
                                                                -- Mike

P.S.  Of course, if I failed to notice a name that's already right under my nose, feel free to point out what I missed. :-)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20240830/da41d997/attachment.html>

More information about the Openid-specs-digital-credentials-protocols mailing list